[SeaBIOS] [RFC PATCH v1 5/9] tpm: Implement tpm2_set_timeouts
Stefan Berger
stefanb at us.ibm.com
Fri Jan 15 20:44:35 CET 2016
From: Stefan Berger <stefanb at linux.vnet.ibm.com>
The TIS timeouts for TPM 2 are different than for TPM 1.2.
Also the timeouts indicating a failed TPM 2 command are different.
Further, the command durations and timeouts cannot be read from the device.
We take the command timeout values for short, medium, and long running
commands from table 15 of the following specification:
TCG PC Client Platform TPM Profile (PTP) Specification
http://www.trustedcomputinggroup.org/resources/pc_client_platform_tpm_profile_ptp_specification
The values should work for all physical TPMs.
The tricky thing with virtualized environments is that the values
may need to be longer for a system where a vTPM cannot get sufficient
cycles. So a future patch _may_ need to multiply those values here
with some factor.
Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
---
src/hw/tpm_drivers.h | 17 +++++++++++++++++
src/tcgbios.c | 20 ++++++++++++++++++++
2 files changed, 37 insertions(+)
diff --git a/src/hw/tpm_drivers.h b/src/hw/tpm_drivers.h
index 665c534..36d6ab9 100644
--- a/src/hw/tpm_drivers.h
+++ b/src/hw/tpm_drivers.h
@@ -66,6 +66,14 @@ TPMVersion tpmhw_get_tpm_version(void);
#define TIS_DEFAULT_TIMEOUT_C 750000 /* us */
#define TIS_DEFAULT_TIMEOUT_D 750000 /* us */
+/*
+ * Default TIS 2 timeouts given in TPM Profile (TPT) Spec
+ */
+#define TIS2_DEFAULT_TIMEOUT_A 750000 /* us */
+#define TIS2_DEFAULT_TIMEOUT_B 2000000 /* us */
+#define TIS2_DEFAULT_TIMEOUT_C 200000 /* us */
+#define TIS2_DEFAULT_TIMEOUT_D 30000 /* us */
+
enum tisTimeoutType {
TIS_TIMEOUT_TYPE_A = 0,
TIS_TIMEOUT_TYPE_B,
@@ -81,4 +89,13 @@ enum tisTimeoutType {
#define TPM_DEFAULT_DURATION_MEDIUM 20000000 /* us */
#define TPM_DEFAULT_DURATION_LONG 60000000 /* us */
+/*
+ * TPM 2 command durations; we set them to the timeout values
+ * given in TPM Profile (PTP) Speicfication; exceeding those
+ * timeout values indicates a faulty TPM.
+ */
+#define TPM2_DEFAULT_DURATION_SHORT 750000 /* us */
+#define TPM2_DEFAULT_DURATION_MEDIUM 2000000 /* us */
+#define TPM2_DEFAULT_DURATION_LONG 2000000 /* us */
+
#endif /* TPM_DRIVERS_H */
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 0d6cfdb..7b6409c 100644
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -322,6 +322,24 @@ tpm12_determine_timeouts(void)
return 0;
}
+static void
+tpm2_set_timeouts(void)
+{
+ u32 durations[3] = {
+ TPM2_DEFAULT_DURATION_SHORT,
+ TPM2_DEFAULT_DURATION_MEDIUM,
+ TPM2_DEFAULT_DURATION_LONG,
+ };
+ u32 timeouts[4] = {
+ TIS2_DEFAULT_TIMEOUT_A,
+ TIS2_DEFAULT_TIMEOUT_B,
+ TIS2_DEFAULT_TIMEOUT_C,
+ TIS2_DEFAULT_TIMEOUT_D,
+ };
+
+ tpmhw_set_timeouts(timeouts, durations);
+}
+
static int
tpm12_extend(u32 pcrindex, const u8 *digest)
{
@@ -557,6 +575,8 @@ err_exit:
static int
tpm2_startup(void)
{
+ tpm2_set_timeouts();
+
dprintf(DEBUG_tcg, "TCGBIOS: Starting with TPM2_Startup(SU_CLEAR)\n");
int ret = tpm_build_and_send_cmd(0, TPM2_CC_Startup,
Startup_SU_CLEAR,
--
2.4.3
More information about the SeaBIOS
mailing list